Back to lab listing.

Lab Objective:

Learn how to use the Dig command to gather DNS information.

Lab Purpose:

Dig stands for Domain Information Groper. It is a tool for querying DNS nameservers for information about host addresses, mail exchanges, nameservers and related information.

Lab Tool:

Kali Linux.

Lab Topology:

You can use Kali Linux for this lab.

Lab Walkthrough:

Task 1:

Dig is a tool which can be used on either Linux or Mac OS. Dig comes pre-installed on Kali Linux and you can check its version using the following command:

dig -v

The dig syntax looks like the following:

Dig [server] [name] [type]

We will begin by performing a simple dig command. Type the following into a terminal:


Task 2:

The above command will include several information. There may be a time when you only want the

dig command

result of the query. This can be achieved in dig with the following command:

dig +short

linux dig

As you can see, there can be more than one IP for a host record.

Task 3:

This next command will get rid of all information before the answer section, for easier reading. We can specify this using the following command:

dig linux command

Task 4:

We can also specify the nameservers we wish to query using the following command:

dig linux

This command queries the “” record from the Name Server with IP address

Task 5:

If we want to query all DNS record types, we can use the “ANY” option. This will display all the available record types in the output:

linux dig

Task 6:

We can also look up a specific record. For example, if we want to get only the mail exchange section associated with a domain, we can use the following command:

dig MX

We can query a number of specific record types using the following tags in place of MX:


dig linux

Task 7:

dig linux

We can trace the DNS path, similar to traceroute, using the following command:

Task 8:

linux dig

It is also possible to make DNS queries for IP addresses.

Task 9:

Dig has a useful feature which allows you to perform a number of DNS lookups for a list of domains instead of doing the same for each one individually. This can be done by performing a lookup using a file:

dig -f domain_names.txt +short

Task 10:

dig linux command

It is possible to access domain verification data by making a DNS TXT query.

Dig is a tool with multiple uses and can be very useful for gathering a broad range of DNS information about a target site.